Security Response

In previous blogs, Symantec has highlighted threats that steal user data. We recently analyzed a new sample submitted to Symantec and came across a server hosting the credentials of 44 million stolen gaming accounts. What was interesting about this threat wasn’t just the sheer number of stolen accounts, but that the accounts were being validated by a Trojan distributed to compromised computers. Symantec detects this threat as Trojan.Loginck.

This particular database server we uncovered seems very much to be the heart of the operation—part of a distributed password checker aimed at Chinese gaming websites. The stolen login credentials are not just from particular online games, but also include user login accounts associated with sites that host a variety of online games....